IcarusSquad Inactive

Ransomware group first observed in 2024. Uses Rubeus for deployment.
PDF Report Back to Groups
0
Total Victims
2024-09-01
First Seen
2025-01-28
Last Seen
0
Known TTPs
18.8d
Avg Delay
0
Negotiations
ONION URLS
sdc3oahdhx4wg3dix76ncjbkowcgj7tqegnn44vp4wi7rsjl24vrbsp4.onion
TOOLS
Rubeus TDSSKiller
FILE EXTENSIONS
.encrypted
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded

No TTPs data

No YARA rules

TypeValueDescriptionCopy
email info696@tutanota.com Contact email observed in IcarusSquad attacks
tox AA5AF2C8105CD70ECA3D3FE6EB37CFA137CFF7AB07E035FBE224C8D3FDF876DFDF0569703F6F Infrastructure linked to IcarusSquad
md5 e388abb336649af98e9bdf507b19b2b6 Associated with IcarusSquad ransomware
email payment11@keemail.me Associated with IcarusSquad ransomware
tox 76BE058E3F2D3B2E990E8FFEFDDD5DB6B9DBD0EDFAABF9F3FA4CCAB29F075759A33AEDF8CAEB Infrastructure linked to IcarusSquad
sha1 f2c010e6ce2e736aee6574c21fef3c0af1251b5d Dropper hash - IcarusSquad campaign

No ransom notes